Computing Reviews, the leading online review service for computing literature.

Search

iOS forensic analysis : for iPhone, iPad, and iPod touch
Morrissey S., Apress, Berkeley, CA, 2010. 372 pp. Type: Book (978-1-430233-42-8)

Date Reviewed: Dec 20 2011

It’s hard to do much of anything without a computer these days. That includes criminals using computers of all sorts, including smartphones, to plan crimes and perform criminal acts. In some cases, such as piracy, the computer is an essential part of the action. Those in law enforcement (and other groups, including corporations) want evidence that might be on computers. This may include files, global positioning system (GPS) or other location-finding traces, and email. Forensics--the art and craft of getting this evidence and of getting it in a way that it might be useful--can be difficult. This book covers methods and software for performing forensic investigation on iOS devices (iPhone, iPod Touch, and iPad). There are ten chapters. “History of Apple Mobile Devices” discusses the various iOS devices and provides some information about their operating system (OS) and other internals. “iOS Operating and File System Analysis” contains more details on the operating systems involved and various data stores. “Search, Seizure, and Incident Response” covers legal information about mobile devices in general. “iPhone Logical Acquisition” provides details on how to get the data from an iOS device. “Logical Data Analysis” covers procedures for analyzing the data contained on an iOS device. “Mac and Windows Artifacts” describes the kinds of data that might be left on a Mac or Windows machine host running iTunes. “GPS Analysis” explains how to interpret the GPS and other geographic information on the device. “Media Exploitation” describes jailbreaking and digital rights management (DRM) circumvention in a legal setting. “Media Exploitation Analysis” covers several tools that allow files--including deleted ones--to be investigated. “Network Analysis” covers some networking basics and the use of various tools for analyzing network usage. The book has numerous illustrations and screen shots showing the kinds of information available and how to use some of the software involved. While the information presented is interesting, it is never particularly informative; instead it is mostly a handbook for a small selection of software. The level of information is a bit worrisome: are forensic investigators really having trouble figuring out which buttons to push? If so, should the courts really trust their information? The book also contains quite a bit of what reads like opinion about digital media, DRM, and jailbreaking. The author owns a company that sells some of the software described in the book, but that connection is not evident in the section covering that software. The book might be interesting to some investigators and some hackers, but to be worthwhile to many other readers, it needs a good deal of work, a bit less editorializing, and more serious technical information.

Reviewer: Jeffrey Putnam	Review #: CR139698 (1205-0431)

Apple (C.5.3 ... )

Abuse And Crime Involving Computers (K.4.2 ... )

Portable Devices (C.5.3 ... )

General (D.4.0 )

Would you recommend this review?

yes

Other reviews under "Apple":	Date

iOS 4 programming cookbook: solutions & examples for iPhone, iPad, and iPod touch apps Nahavandipoor V., O’Reilly Media, Inc., Sebastopol, CA, 2011. 640, Type: Book (978-1-449388-22-5)	Oct 31 2011

Beginning iPhone development: exploring the iOS SDK (7th ed.) Mark D., Nutting J., Topley K., Olsson F., LaMarche J., Apress, Berkeley, CA, 2014. 808, Type: Book (978-1-484202-00-5)	Jun 15 2015

Reproduction in whole or in part without permission is prohibited. Copyright 1999-2024 ThinkLoud^®
Terms of Use | Privacy Policy